-
SLOVENSKI STANDARD SIST-TP CEN ISO/TR 24971:2020
01-september-2020
Medicinski pripomočki - Navodilo za uporabo ISO 14971 (ISO/TR
24971:2020)
Medical devices - Guidance on the application of ISO 14971
(ISO/TR 24971:2020)
Medizinprodukte - Leitfaden zur Anwendung von ISO 14971 (ISO/TR
24971:2020)
Dispositifs médicaux - Directives relatives à l'ISO 14971
(ISO/TR 24971:2020)
Ta slovenski standard je istoveten z: CEN ISO/TR 24971:2020
11.040.01 Medicinska oprema na splošno
Medical equipment in general
ICS:
SIST-TP CEN ISO/TR 24971:2020 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje
celote ali delov tega standarda ni dovoljeno.
iTeh STANDARD PREVIEW(standards.iteh.ai)
SIST-TP CEN ISO/TR
24971:2020https://standards.iteh.ai/catalog/standards/sist/7fe49b90-5057-47c8-845a-
9e5cb0b044ce/sist-tp-cen-iso-tr-24971-2020
-
SIST-TP CEN ISO/TR 24971:2020
iTeh STANDARD PREVIEW(standards.iteh.ai)
SIST-TP CEN ISO/TR
24971:2020https://standards.iteh.ai/catalog/standards/sist/7fe49b90-5057-47c8-845a-
9e5cb0b044ce/sist-tp-cen-iso-tr-24971-2020
-
TECHNICAL REPORT RAPPORT TECHNIQUE TECHNISCHER BERICHT CEN
ISO/TR 24971 July 2020 ICS 11.040.01
English version Medical devices - Guidance on the application of
ISO 14971 (ISO/TR 24971:2020) Dispositifs médicaux -
Recommandations relatives à l'application de l'ISO 14971 (ISO/TR
24971:2020) Medizinprodukte - Leitfaden zur Anwendung von ISO 14971
(ISO/TR 24971:2020) This Technical Report was approved by CEN on 16
July 2020. It has been drawn up by the Technical Committee
CEN/CLC/JTC 3. CEN and CENELEC members are the national standards
bodies and national electrotechnical committees of Austria,
Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark,
Estonia, Finland, France, Germany, Greece, Hungary, Iceland,
Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands,
Norway, Poland, Portugal, Republic of North Macedonia, Romania,
Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and
United Kingdom.
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040
Brussels
© 2020 CEN/CENELEC All rights of exploitation in any form and by
any means reserved worldwide for CEN national Members and for
CENELEC Members. Ref. No. CEN ISO/TR 24971:2020 E
SIST-TP CEN ISO/TR 24971:2020
iTeh STANDARD PREVIEW(standards.iteh.ai)
SIST-TP CEN ISO/TR
24971:2020https://standards.iteh.ai/catalog/standards/sist/7fe49b90-5057-47c8-845a-
9e5cb0b044ce/sist-tp-cen-iso-tr-24971-2020
-
CEN ISO/TR 24971:2020 (E)
2
Contents Page
European foreword
.......................................................................................................................................................
3
SIST-TP CEN ISO/TR 24971:2020
iTeh STANDARD PREVIEW(standards.iteh.ai)
SIST-TP CEN ISO/TR
24971:2020https://standards.iteh.ai/catalog/standards/sist/7fe49b90-5057-47c8-845a-
9e5cb0b044ce/sist-tp-cen-iso-tr-24971-2020
-
CEN ISO/TR 24971:2020 (E)
3
European foreword
This document (CEN ISO/TR 24971:2020) has been prepared by
Technical Committee ISO/TC 210 "Quality management and
corresponding general aspects for medical devices" in collaboration
with Technical Committee CEN/CLC/JTC 3 “Quality management and
corresponding general aspects for medical devices” the secretariat
of which is held by NEN.
Attention is drawn to the possibility that some of the elements
of this document may be the subject of patent rights. CEN shall not
be held responsible for identifying any or all such patent
rights.
Endorsement notice
The text of ISO/TR 24971:2020 has been approved by CEN as CEN
ISO/TR 24971:2020 without any modification.
SIST-TP CEN ISO/TR 24971:2020
iTeh STANDARD PREVIEW(standards.iteh.ai)
SIST-TP CEN ISO/TR
24971:2020https://standards.iteh.ai/catalog/standards/sist/7fe49b90-5057-47c8-845a-
9e5cb0b044ce/sist-tp-cen-iso-tr-24971-2020
-
SIST-TP CEN ISO/TR 24971:2020
iTeh STANDARD PREVIEW(standards.iteh.ai)
SIST-TP CEN ISO/TR
24971:2020https://standards.iteh.ai/catalog/standards/sist/7fe49b90-5057-47c8-845a-
9e5cb0b044ce/sist-tp-cen-iso-tr-24971-2020
-
© ISO 2020
Medical devices — Guidance on the application of ISO
14971Dispositifs médicaux — Recommandations relatives à
l'application de l'ISO 14971
Second edition2020-06
Reference numberISO/TR 24971:2020(E)
TECHNICAL REPORT
ISO/TR24971
SIST-TP CEN ISO/TR 24971:2020
iTeh STANDARD PREVIEW(standards.iteh.ai)
SIST-TP CEN ISO/TR
24971:2020https://standards.iteh.ai/catalog/standards/sist/7fe49b90-5057-47c8-845a-
9e5cb0b044ce/sist-tp-cen-iso-tr-24971-2020
-
ISO/TR 24971:2020(E)
ii © ISO 2020 – All rights reserved
COPYRIGHT PROTECTED DOCUMENT
© ISO 2020All rights reserved. Unless otherwise specified, or
required in the context of its implementation, no part of this
publication may be reproduced or utilized otherwise in any form or
by any means, electronic or mechanical, including photocopying, or
posting on the internet or an intranet, without prior written
permission. Permission can be requested from either ISO at the
address below or ISO’s member body in the country of the
requester.
ISO copyright officeCP 401 • Ch. de Blandonnet 8CH-1214 Vernier,
GenevaPhone: +41 22 749 01 11Email: [email protected]:
www.iso.org
Published in Switzerland
SIST-TP CEN ISO/TR 24971:2020
iTeh STANDARD PREVIEW(standards.iteh.ai)
SIST-TP CEN ISO/TR
24971:2020https://standards.iteh.ai/catalog/standards/sist/7fe49b90-5057-47c8-845a-
9e5cb0b044ce/sist-tp-cen-iso-tr-24971-2020
-
ISO/TR 24971:2020(E)
Foreword
..........................................................................................................................................................................................................................................vIntroduction
................................................................................................................................................................................................................................vi1
Scope
.................................................................................................................................................................................................................................
12 Normative references
......................................................................................................................................................................................
13 Termsanddefinitions
.....................................................................................................................................................................................
14 General requirements for risk management system
......................................................................................................
1
4.1 Risk management process
........................................................................................................................................................
14.2 Management responsibilities
.....................................................................................................................................................
1
4.2.1 Top management commitment
.........................................................................................................................
14.2.2 Policy for establishing criteria for risk acceptability
.......................................................................
24.2.3 Suitability of the risk management process
........................................................................................
2
4.3 Competence of personnel
..............................................................................................................................................................
24.4 Risk management plan
..................................................................................................................................................................
3
4.4.1
General......................................................................................................................................................................................
34.4.2 Scope of the risk management plan
.............................................................................................................
44.4.3 Assignment of responsibilities and authorities
....................................................................................
44.4.4 Requirements for review of risk management activities
........................................................... 44.4.5
Criteria for risk acceptability
................................................................................................................................
44.4.6 Method to evaluate overall residual risk and criteria for
acceptability ......................... 54.4.7 Verification
activities
..................................................................................................................................................
54.4.8 Activities related to collection and review of production
and post-
production information
............................................................................................................................................
54.5 Risk management file
...................................................................................................................................................................
5
5 Risk analysis
.............................................................................................................................................................................................................
65.1 Risk analysis process
.....................................................................................................................................................................
65.2 Intended use and reasonably foreseeable misuse
.............................................................................................
65.3 Identification of characteristics related to safety
...................................................................................................
75.4 Identification of hazards and hazardous situations
..........................................................................................
7
5.4.1 Hazards
..................................................................................................................................................................................
75.4.2 Hazardous situations in general
.....................................................................................................................
85.4.3 Hazardous situations resulting from faults
...........................................................................................
85.4.4 Hazardous situations resulting from random faults
......................................................................
85.4.5 Hazardous situations resulting from systematic faults
...............................................................
85.4.6 Hazardous situations arising from security vulnerabilities
.................................................... 95.4.7
Sequences or combinations of events
...........................................................................................................
9
5.5 Risk estimation
.................................................................................................................................................................................
115.5.1
General...................................................................................................................................................................................
115.5.2 Probability
..........................................................................................................................................................................125.5.3
Risks for which probability cannot be estimated
.............................................................................135.5.4
Severity
...............................................................................................................................................................................
135.5.5 Examples
..............................................................................................................................................................................
13
6 Risk evaluation
.....................................................................................................................................................................................................167
Risk control
..............................................................................................................................................................................................................16
7.1 Risk control option analysis
....................................................................................................................................................
167.1.1 Risk control for medical device design
...................................................................................................167.1.2
Risk control for manufacturing processes
...........................................................................................187.1.3
Standards and risk control
................................................................................................................................
19
7.2 Implementation of risk control measures
..................................................................................................................
197.3 Residual risk evaluation
.............................................................................................................................................................
197.4 Benefit-risk analysis
.......................................................................................................................................................................
19
7.4.1
General...................................................................................................................................................................................
197.4.2 Benefit estimation
.......................................................................................................................................................20
© ISO 2020 – All rights reserved iii
Contents Page
SIST-TP CEN ISO/TR 24971:2020
iTeh STANDARD PREVIEW(standards.iteh.ai)
SIST-TP CEN ISO/TR
24971:2020https://standards.iteh.ai/catalog/standards/sist/7fe49b90-5057-47c8-845a-
9e5cb0b044ce/sist-tp-cen-iso-tr-24971-2020
-
ISO/TR 24971:2020(E)
7.4.3 Criteria for benefit-risk analysis
....................................................................................................................217.4.4
Benefit-risk
comparison........................................................................................................................................
217.4.5 Examples of benefit-risk analyses
................................................................................................................21
7.5 Risks arising from risk control measures
...................................................................................................................
227.6 Completeness of risk control
................................................................................................................................................
22
8 Evaluation of overall residual risk
...................................................................................................................................................228.1
General considerations
.................................................................................................................................................................
228.2 Inputs and other considerations
..........................................................................................................................................
238.3 Possible approaches
........................................................................................................................................................................
24
9 Risk management review
..........................................................................................................................................................................2510
Production and post-production
activities..............................................................................................................................25
10.1 General
........................................................................................................................................................................................................
2510.2 Information collection
...................................................................................................................................................................
2510.3 Information review
..........................................................................................................................................................................
2710.4 Actions
.........................................................................................................................................................................................................
28
Annex A (informative)Identificationofhazards and characteristics
related to safety ................................30Annex B
(informative) Techniques that support risk analysis
................................................................................................38Annex
C (informative) Relation between the policy, criteria for risk
acceptability, risk
control and risk evaluation
......................................................................................................................................................................43Annex
D (informative) Information for safety and information on residual
risk ...............................................48Annex E
(informative) Role of international standards in risk management
.........................................................51Annex F
(informative) Guidance on risks related to security
..................................................................................................56Annex
G (informative) Components and devices designed without using ISO
14971 ...................................61Annex H (informative)
Guidance for in vitro diagnostic medical devices
.....................................................................63Bibliography
.............................................................................................................................................................................................................................86
iv © ISO 2020 – All rights reserved
SIST-TP CEN ISO/TR 24971:2020
iTeh STANDARD PREVIEW(standards.iteh.ai)
SIST-TP CEN ISO/TR
24971:2020https://standards.iteh.ai/catalog/standards/sist/7fe49b90-5057-47c8-845a-
9e5cb0b044ce/sist-tp-cen-iso-tr-24971-2020
-
ISO/TR 24971:2020(E)
Foreword
ISO (the International Organization for Standardization) is a
worldwide federation of national standards bodies (ISO member
bodies). The work of preparing International Standards is normally
carried out through ISO technical committees. Each member body
interested in a subject for which a technical committee has been
established has the right to be represented on that committee.
International organizations, governmental and non-governmental, in
liaison with ISO, also take part in the work. ISO collaborates
closely with the International Electrotechnical Commission (IEC) on
all matters of electrotechnical standardization.
The procedures used to develop this document and those intended
for its further maintenance are described in the ISO/IEC
Directives, Part 1. In particular the different approval criteria
needed for the different types of ISO documents should be noted.
This document was drafted in accordance with the editorial rules of
the ISO/IEC Directives, Part 2 (see www .iso .org/ directives -and
-policies).
Attention is drawn to the possibility that some of the elements
of this document may be the subject of patent rights. ISO shall not
be held responsible for identifying any or all such patent rights.
Details of any patent rights identified during the development of
the document will be in the Introduction and/or on the ISO list of
patent declarations received (see www .iso .org/ patents).
Any trade name used in this document is information given for
the convenience of users and does not constitute an
endorsement.
For an explanation on the voluntary nature of standards, the
meaning of ISO specific terms and expressions related to conformity
assessment, as well as information about ISO’s adherence to the
World Trade Organization (WTO) principles in the Technical Barriers
to Trade (TBT), see the following URL: www .iso .org/ iso/ foreword
.html.
This document was prepared jointly by Technical Committee ISO/TC
210, Quality management and corresponding general aspects for
medical devices, and Subcommittee IEC/SC 62A, Common aspects of
electrical equipment used in medical practice.
This second edition cancels and replaces the first edition,
which has been technically revised. The main changes compared to
the previous edition are as follows:
— The clauses of ISO/TR 24971:2013 and some informative annexes
of ISO 14971:2007 are merged, restructured, technically revised,
and supplemented with additional guidance.
— To facilitate the use of this document, the same structure and
numbering of clauses and subclauses as in ISO 14971:2019 is
employed. The informative annexes contain additional guidance on
specific aspects of risk management.
Any feedback or questions on this document should be directed to
the user’s national standards body. A complete listing of these
bodies can be found at www .iso .org/ members .html.
© ISO 2020 – All rights reserved v
SIST-TP CEN ISO/TR 24971:2020
iTeh STANDARD PREVIEW(standards.iteh.ai)
SIST-TP CEN ISO/TR
24971:2020https://standards.iteh.ai/catalog/standards/sist/7fe49b90-5057-47c8-845a-
9e5cb0b044ce/sist-tp-cen-iso-tr-24971-2020
-
ISO/TR 24971:2020(E)
Introduction
This document provides guidance to assist manufacturers in the
development, implementation and maintenance of a risk management
process for medical devices that aims to meet the requirements of
ISO 14971:2019, Medical devices — Application of risk management to
medical devices. It provides guidance on the application of ISO
14971:2019 for a wide variety of medical devices. These medical
devices include active, non-active, implantable, and
non-implantable medical devices, software as medical devices and in
vitro diagnostic medical devices.
The clauses and subclauses in this document have the same
structure and numbering as the clauses and subclauses of ISO
14971:2019, to facilitate the use of this guidance in applying the
requirements of the standard. Further division into subclauses is
applied where considered useful. The informative annexes contain
additional guidance on specific aspects of risk management. The
guidance consists of the clauses of ISO/TR 24971:2013 and some of
the informative annexes of ISO 14971:2007, which are merged,
restructured, technically revised, and supplemented with additional
guidance.
Annex H was prepared in cooperation with Technical Committee
ISO/TC 212, Clinical laboratory testing and in vitro diagnostic
test systems.
This document describes approaches that manufacturers can use to
develop, implement and maintain a risk management process
conforming to ISO 14971:2019. Alternative approaches can also
satisfy the requirements of ISO 14971:2019.
When judging the applicability of the guidance in this document,
one should consider the nature of the medical device(s) to which it
will apply, how and by whom these medical devices are used, and the
applicable regulatory requirements.
vi © ISO 2020 – All rights reserved
SIST-TP CEN ISO/TR 24971:2020
iTeh STANDARD PREVIEW(standards.iteh.ai)
SIST-TP CEN ISO/TR
24971:2020https://standards.iteh.ai/catalog/standards/sist/7fe49b90-5057-47c8-845a-
9e5cb0b044ce/sist-tp-cen-iso-tr-24971-2020
-
Medical devices — Guidance on the application of ISO 14971
1 Scope
This document provides guidance on the development,
implementation and maintenance of a risk management system for
medical devices according to ISO 14971:2019.
The risk management process can be part of a quality management
system, for example one that is based on ISO 13485:2016[24], but
this is not required by ISO 14971:2019. Some requirements in ISO
13485:2016 (Clause 7 on product realization and 8.2.1 on feedback
during monitoring and measurement) are related to risk management
and can be fulfilled by applying ISO 14971:2019. See also the ISO
Handbook: ISO 13485:2016 — Medical devices — A practical
guide[25].
2 Normative references
The following documents are referred to in the text in such a
way that some or all of their content constitutes requirements of
this document. For dated references, only the edition cited
applies. For undated references, the latest edition of the
referenced document (including any amendments) applies.
ISO 14971:2019, Medical devices — Application of risk management
to medical devices
3 Termsanddefinitions
For the purposes of this document, the terms and definitions
given in ISO 14971:2019 apply.
ISO and IEC maintain terminological databases for use in
standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso
.org/ obp
— IEC Electropedia: available at http:// www .electropedia
.org/
NOTE The defined terms in ISO 14971:2019 are derived as much as
possible from ISO/IEC Guide 63:2019[20] which was developed
specifically for the medical device sector.
4 General requirements for risk management system
4.1 Risk management process
ISO 14971:2019 requires that the manufacturer establishes,
implements, documents and maintains an ongoing risk management
process throughout the life cycle of the medical device. The
required elements in this process and the responsibilities of top
management are given in ISO 14971:2019 and explained in further
detail in this document.
4.2 Management responsibilities
4.2.1 Top management commitment
Top management has the responsibility to establish and maintain
an effective risk management process. It is important to note the
emphasis on top management in ISO 14971:2019 Top management has the
power to assign authorities and responsibilities, to set priorities
and to provide resources within the organization. Commitment at the
highest level of the organization is essential for the risk
management process to be effective.
TECHNICAL REPORT ISO/TR 24971:2020(E)
© ISO 2020 – All rights reserved 1
SIST-TP CEN ISO/TR 24971:2020
iTeh STANDARD PREVIEW(standards.iteh.ai)
SIST-TP CEN ISO/TR
24971:2020https://standards.iteh.ai/catalog/standards/sist/7fe49b90-5057-47c8-845a-
9e5cb0b044ce/sist-tp-cen-iso-tr-24971-2020
-
ISO/TR 24971:2020(E)
If the manufacturer’s organization consists of separate
entities, for example business units or divisions, then top
management can refer to those individuals who direct and control
the entity implementing the risk management process. Each entity
can have its own risk management process (and its own quality
management system).
4.2.2 Policy for establishing criteria for risk
acceptability
ISO 14971:2019 requires top management to define and document
the policy for establishing criteria for risk acceptability. Annex
C provides detailed guidance on how to define such a policy and
which elements should be included, such as applicable regulations,
relevant international standards, the generally acknowledged state
of the art and known stakeholder concerns. Annex C also explains
the relation between the policy and the criteria for risk
acceptability and how these criteria are used in risk control and
risk evaluation.
The policy can allow specific criteria for each type of medical
device (or medical device family). This can depend on the
characteristics of the medical device and its intended use
(including the intended patient population). ISO 14971:2019
requires that the policy provides guidelines on how to establish
the criteria for acceptability of the overall residual risk.
4.2.3 Suitability of the risk management process
ISO 14971:2019 requires top management to review the suitability
of the risk management process at planned intervals. The review of
the suitability is a high-level review of the risk management
process and can include reviewing the following aspects, for
example:
— the effectiveness of the implemented risk management
procedures;
— the adequacy of the criteria for risk acceptability, which can
imply the need for an adaptation of the criteria for risk
acceptability for specific medical devices; and
— the effectiveness of the feedback loop of the production and
post-production information (see 10.4).
4.3 Competence of personnel
Ensuring the assignment of competent personnel is a
responsibility of top management. Examples of the personnel that
can be involved in specific risk management tasks and the relevant
knowledge and experience supporting effective completion of the
associated tasks are given in Table 1.
Some risk management activities can be performed by external
consultants or specialists. The required competence should be
documented as well as the objective evidence of the fulfilment of
these requirements.
Table 1 — Examples of competent personnel and relevant knowledge
and experience
Personnel or function Knowledge and experienceRisk management
owner Medical device risk management processEngineer or scientist
Medical device technologies, design and
operating principlesOperations Manufacturing
processesSupply-chain management Sources of material and services,
in-
cluding outsourced processesMedical or clinical expert Clinical
evaluation methodologies and
requirementsUse in medical practice, including ben-efits,
hazardous situations and possible harm
2 © ISO 2020 – All rights reserved
SIST-TP CEN ISO/TR 24971:2020
iTeh STANDARD PREVIEW(standards.iteh.ai)
SIST-TP CEN ISO/TR
24971:2020https://standards.iteh.ai/catalog/standards/sist/7fe49b90-5057-47c8-845a-
9e5cb0b044ce/sist-tp-cen-iso-tr-24971-2020
-
ISO/TR 24971:2020(E)
Personnel or function Knowledge and experienceRegulatory affairs
Regulatory requirements pertaining to
safety and risk management in coun-tries/regions where the
medical device is intended to be marketed
Quality assurance Quality management systems and qual-ity
practices
Packaging, storage, handling and distribution
Hazards and risk control measures in relation to packaging,
storage, handling and distribution
Service engineer, biomedical engineer or medical physicist
Hazards and risk control measures in relation to installation,
maintenance, repair, calibration, service and support processes and
practices
Post-production Customer complaints and adverse event reporting,
post-market surveillance
Information services Data mining processes, methodologies for
literature search
All individuals involved in the review and approval of the
records
Expertise in the functional area for which they are reviewing
and approving
Consider the need to include the following topics in the
education of risk management experts:
— management of a risk management program for medical
devices;
— ethics, safety, security and liability;
— concepts of risk, risk acceptability and benefit-risk
analysis;
— probability and statistics for risk management and
reliability;
— risk management and reliability in design and development;
— relevant standards and regulations;
— risk estimation including methods to determine the severity
and probability of occurrence of harm;
— risk assessment methodology;
— methods for risk control;
— methods for verifying the effectiveness of risk control
measures;
— methods for analysing production and post-production
information.
4.4 Risk management plan
4.4.1 General
The risk management plan describes the scope of the risk
management activities, the responsibilities and authorities of
those involved, the criteria for risk acceptability, the production
and post-production information to be collected and reviewed for
the medical device, and all risk management activities that are
carried out during the entire product life cycle. The risk
management plan can be a separate document, or it can be integrated
with other documentation, e.g. quality management system
documentation. It
Table 1 (continued)
© ISO 2020 – All rights reserved 3
SIST-TP CEN ISO/TR 24971:2020
iTeh STANDARD PREVIEW(standards.iteh.ai)
SIST-TP CEN ISO/TR
24971:2020https://standards.iteh.ai/catalog/standards/sist/7fe49b90-5057-47c8-845a-
9e5cb0b044ce/sist-tp-cen-iso-tr-24971-2020
fiê«”�Ã%éÇ°Í�P×�Ò^åîyÆŠ·õ'¡œ!Ñl%4:¢‡á¡�úÍï"c¤Æ:¯NÌîı‚x�ã‘!ü‚˘˙�˜"�ÐOñ\ž˚¡'_Z�Ð^ö�…€w—¢þ˝7@�Ý´���-9\�Nô·¦&}ӆʴi·⁄ŠÚ`˜øÚW߯ŽË